RE: Problem-In-TranferingZone

Sun, 06 Dec 2015 01:52:43 -0800 

Sorry for that. Thanks for your reply.. below are the details. 

 

My config

 

//

// named.conf

 

options {

        listen-on port 53 { 127.0.0.1; 1.1.1.1;};

        listen-on-v6 port 53 { ::1; };

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        masterfile-format text;

//      allow-query     { localhost; };

 

transfers-out 5000 ;

allow-transfer { myslave server ip;};

allow-query {127.0.0.0/8;.;}

;

        /*

         - If you are building an AUTHORITATIVE DNS server, do NOT enable recurs

ion.

         - If you are building a RECURSIVE (caching) DNS server, you need to ena

ble

           recursion.

         - If your recursive DNS server has a public IP address, you MUST enable

access

           control to limit queries to your legitimate users. Failing to do so w

ill

           cause your server to become part of large scale DNS amplification

           attacks. Implementing BCP38 within your network would greatly

           reduce such attack surface

        */

        recursion yes;

 

        dnssec-enable yes;

        dnssec-validation yes;

 

        /* Path to ISC DLV key */

        bindkeys-file "/etc/named.iscdlv.key";

 

        managed-keys-directory "/var/named/dynamic";

 

        pid-file "/run/named/named.pid";

        session-keyfile "/run/named/session.key";

};

 

logging {

        channel default_debug {

                file "data/named.run";

                severity dynamic;

        };

};

 

 

I wanted to see all the transferred zones from master  server to the slave 
should be  readable format. Instead of raw… 

 

 

Few logs entries from the slave server 

 

ords, 0 bytes, 0.005 secs (0 bytes/sec)

Dec  6 13:24:26 ns10 named[2202]: transfer of 'alinmaipo.com/IN' from 
212.93.192.4#53: failed while receiving responses: REFUSED

Dec  6 13:24:26 ns10 named[2202]: transfer of 'alinmaipo.com/IN' from 
212.93.192.4#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.005 secs 
(0 bytes/sec)

Dec  6 13:24:26 ns10 named[2202]: zone mustafa.com/IN: refresh: 
non-authoritative answer from master 212.119.92.5#53 (source 0.0.0.0#0)

6 13:24:23 ns10 named[2202]: transfer of 'alinmainvestment.com/IN' from 
212.93.192.4#53: connected using 212.119.93.5#45083

Dec  6 13:24:23 ns10 named[2202]: transfer of 'alahlitrade.com/IN' from 
212.93.192.4#53: connected using 212.119.93.5#40208

Dec  6 13:24:23 ns10 named[2202]: transfer of 'alinmainvestment.com/IN' from 
212.93.192.4#53: failed while receiving responses: REFUSED

Dec  6 13:24:23 ns10 named[2202]: transfer of 'alinmainvestment.com/IN' from 
212.93.192.4#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.003 secs 
(0 bytes/sec)

Dec  6 13:24:23 ns10 named[2202]: transfer of 'alahlitrade.com/IN' from 
212.93.192.4#53: failed while receiving responses: REFUSED

Dec  6 13:24:23 ns10 named[2202]: transfer of 'alahlitrade.com/IN' from 
212.93.192.4#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.004 secs 
(0 bytes/sec)

Dec  6 13:24:23 ns10 named[2202]: zone ejaz.com/IN: refresh: unexpected rcode 
(REFUSED) from master 212.119.64.6#53 (source 0.0.0.0#0)

Dec  6 13:24:23 ns10 named[2202]: zone ejaz.com/IN: Transfer started.

Dec  6 13:24:23 ns10 named[2202]: zone amoudico.com/IN: refresh: 
non-authoritative answer from master 212.119.92.5#53 (source 0.0.0.0#0)

Dec  6 13:24:23 ns10 named[2202]: zone c-r.com.sa/IN: refresh: 
non-authoritative answer from master 212.119.92.5#53 (source 0.0.0.0#0)

Dec  6 13:24:23 ns10 named[2202]: zone intawana.net/IN: refresh: 
non-authoritative answer from master 212.119.92.5#53 (source 0.0.0.0#0)

Dec  6 13:24:23 ns10 named[2202]: transfer of 'ejaz.com/IN' from 
212.119.64.6#53: connected using 212.119.93.5#42454

Dec  6 13:24:23 ns10 named[2202]: zone smc-groups.com/IN: refresh: 
non-authoritative answer from master 212.119.92.5#53 (source 0.0.0.0#0)

Dec  6 13:24:23 ns10 named[2202]: zone tsf.com.sa/IN: refresh: 
non-authoritative answer from master 212.119.92.5#53 (source 0.0.0.0#0)

Dec  6 13:24:23 ns10 named[2202]: zone cepcomed.com.com/IN: refresh: 
non-authoritative answer from master 212.119.92.5#53 (source 0.0.0.0#0)

Dec  6 13:24:23 ns10 named[2202]:

 

 

 

Master server 

[root@ns6 named]# named -v

BIND 9.9.8 (Extended Support Version) <id:2d6d4ba>

 

 

Slave server

 

[root@ns10 named]# named -v

BIND 9.9.4-RedHat-9.9.4-29.el7 (Extended Support Version)

 

 

 

I am trying to retrieve all the zones together from the master. Did not copied 
from the old serer 

 

 

 

Ejaz 

 

-----Original Message-----
From: Anand Buddhdev [mailto:ana...@ripe.net] 
Sent: Sunday, December 6, 2015 12:29 PM
To: Ejaz <me...@cyberia.net.sa>; bind-users@lists.isc.org
Subject: Re: Problem-In-TranferingZone

 

On 06/12/15 06:59, Ejaz wrote:

 

Hi Ejaz,

 

> I have implemented new slave server and wanted to  get all the 2000 

> zones from primary/master server to the new slave one. But zone file  

> some time comes with empty records and sometimes  appears as below, 

> Any idea Would be highly appreciated.

 

You have not provided even a single piece of detail about your configuration, 
such as how you tried to copy the zones from the master to the slave. Did you 
use scp or sync? Did you configure the slave to do zone transfer? We can't read 
your mind.

 

If you want help, please ask some better questions, and provide:

 

1. Your configuration

2. What you expected to see

3. Log snippets from your slave server

4. Your BIND version

5. Any other relevant information about what commands you typed, etc

 

Regards,

Anand


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to